1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 16:18:48 -05:00
Commit Graph

286 Commits

Author SHA1 Message Date
ehlertjd@gmail.com
8f654f29de IMAP: check pointer before dereferencing it
may be null in the CURLOPT_CONNECT_ONLY case

Fixes #747
2016-04-01 21:18:46 +02:00
Daniel Stenberg
e683182918 imap: remove duplicated function
The list and search response functions were identical! Merged into one
now. Detected by PVS Studio.

Reported-by: Alexis La Goutte
2016-03-31 15:12:22 +02:00
Daniel Stenberg
575e885db0 multi: turn Curl_done into file local multi_done
... as it now is used by multi.c only.
2016-03-30 07:52:28 +02:00
Steve Holme
c142e73142 ftp/imap/pop3/smtp: Fixed compilation warning when /Wall enabled
warning C4706: assignment within conditional expression
2016-03-19 17:15:53 +00:00
Steve Holme
97c9d2ae8c imap.c: Fixed compilation warning with /Wall enabled
warning C4701: potentially uninitialized local variable 'size' used

Technically this can't happen, as the usage of 'size' is protected by
'if(parsed)' and 'parsed' is only set after 'size' has been parsed.

Anyway, lets keep the compiler happy.
2016-03-19 11:01:36 +00:00
Steve Holme
a5aec58726 imap/pop3/smtp: Fixed connections upgraded with TLS are not reused
Regression since commit 710f14edba.

Bug: https://github.com/curl/curl/issues/422
Reported-by: Justin Ehlert
2016-03-08 19:36:46 +00:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Daniel Stenberg
c341311a0e Revert "cleanup: general removal of TODO (and similar) comments"
This reverts commit 64e959ffe3.

Feedback-by: Dan Fandrich
URL: http://curl.haxx.se/mail/lib-2015-11/0062.html
2015-11-24 09:36:45 +01:00
Daniel Stenberg
64e959ffe3 cleanup: general removal of TODO (and similar) comments
They tend to never get updated anyway so they're frequently inaccurate
and we never go back to revisit them anyway. We document issues to work
on properly in KNOWN_BUGS and TODO instead.
2015-11-13 16:15:26 +01:00
Daniel Stenberg
f54a4aa9a3 imap: avoid freeing constant string
The fix in 1a614c6c3 was wrong and would leed to free() of a fixed
string.

Pointed-out-by: Kamil Dudka
2015-11-09 10:54:55 +01:00
Justin Ehlert
23b8fc15c8 imap: Don't check for continuation when executing a CUSTOMREQUEST
Bug: https://github.com/bagder/curl/issues/486
Closes https://github.com/bagder/curl/pull/487
2015-11-08 12:12:33 +00:00
Daniel Stenberg
e3c85405d0 imap: checksrc: remove space after while before paren 2015-11-07 23:21:29 +01:00
Steve Holme
23c4090fd3 imap: Quote other 'atom-specials' and not just the space character
Closes #517
2015-11-07 11:59:32 +00:00
Steve Holme
50bff12ac8 imap: Fixed double quote in LIST command when mailbox contains spaces 2015-11-07 11:20:34 +00:00
Daniel Stenberg
1a614c6c37 imap: fix compiler warning
imap.c:657:13: error: assignment discards 'const' qualifier from pointer
target type [-Werror=discarded-qualifiers]
2015-11-06 23:44:27 +01:00
Steve Holme
505d966850 imap: Don't call imap_atom() when no mailbox specified in LIST command 2015-11-06 21:49:26 +00:00
Daniel Stenberg
0f4a03cbb6 free: instead of Curl_safefree()
Since we just started make use of free(NULL) in order to simplify code,
this change takes it a step further and:

- converts lots of Curl_safefree() calls to good old free()
- makes Curl_safefree() not check the pointer before free()

The (new) rule of thumb is: if you really want a function call that
frees a pointer and then assigns it to NULL, then use Curl_safefree().
But we will prefer just using free() from now on.
2015-03-16 15:01:15 +01:00
Daniel Stenberg
df5578a7a3 mprintf.h: remove #ifdef CURLDEBUG
... and as a consequence, introduce curl_printf.h with that re-define
magic instead and make all libcurl code use that instead.
2015-03-03 12:36:18 +01:00
Patrick Monnerat
fe79f20957 imap: remove automatic password setting: it breaks external sasl authentication 2015-01-27 17:34:40 +01:00
Patrick Monnerat
0d24f64473 sasl: implement EXTERNAL authentication mechanism.
Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and
by not setting the password.
2015-01-27 17:24:55 +01:00
Patrick Monnerat
79543caf90 SASL: common state engine for imap/pop3/smtp 2015-01-20 17:33:05 +01:00
Patrick Monnerat
e1ea18f90e SASL: common URL option and auth capabilities decoders for all protocols 2015-01-20 15:27:25 +01:00
Patrick Monnerat
5f09cbcdbd IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters. 2015-01-20 14:14:26 +01:00
Steve Holme
4626f31d0e ldap/imap: Fixed spelling mistake in comments and variable names
Reported-by: Michael Osipov
2015-01-07 13:50:56 +00:00
Patrick Monnerat
9081014c2c IPV6: address scope != scope id
There was a confusion between these: this commit tries to disambiguate them.
- Scope can be computed from the address itself.
- Scope id is scope dependent: it is currently defined as 1-based local
  interface index for link-local scoped addresses, and as a site index(?) for
  (obsolete) site-local addresses. Linux only supports it for link-local
  addresses.
The URL parser properly parses a scope id as an interface index, but stores it
in a field named "scope": confusion. The field has been renamed into "scope_id".
Curl_if2ip() used the scope id as it was a scope. This caused failures
to bind to an interface.
Scope is now computed from the addresses and Curl_if2ip() matches them.
If redundantly specified in the URL, scope id is check for mismatch with
the interface index.

This commit should fix SF bug #1451.
2014-12-16 13:52:06 +01:00
Michael Osipov
9f10e45e42 kerberos: Use symbol qualified with _KERBEROS5
For consistency renamed USE_KRB5 to USE_KERBEROS5.
2014-11-16 13:29:04 +00:00
Steve Holme
b6821dbb91 sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
Typically the USE_WINDOWS_SSPI definition would not be used when the
CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build
configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication
data structures and functions would incorrectly be used when they
shouldn't be.

Introduced a new USE_KRB5 definition that takes into account the use of
CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
2014-11-02 00:35:16 +00:00
Daniel Stenberg
a9beeeeeea imap_perform_authentication: fix memory leak
Coverity CID 1215296. There's a potential risk for a memory leak in
here, and moving the free call to be unconditional seems like a cheap
price to remove the risk.
2014-10-02 23:01:45 +02:00
Brandon Casey
6beb0eeea1 Ensure progress.size_dl/progress.size_ul are always >= 0
Historically the default "unknown" value for progress.size_dl and
progress.size_ul has been zero, since these values are initialized
implicitly by the calloc that allocates the curl handle that these
variables are a part of.  Users of curl that install progress
callbacks may expect these values to always be >= 0.

Currently it is possible for progress.size_dl and progress.size_ul
to by set to a value of -1, if Curl_pgrsSetDownloadSize() or
Curl_pgrsSetUploadSize() are passed a "size" of -1 (which a few
places currently do, and a following patch will add more).  So
lets update Curl_pgrsSetDownloadSize() and Curl_pgrsSetUploadSize()
so they make sure that these variables always contain a value that
is >= 0.

Updates test579 and test599.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
2014-09-07 23:23:12 +02:00
Steve Holme
96034c4a51 imap: Added support for GSSAPI (Kerberos V5) authentication via Windows SSPI 2014-08-15 21:39:31 +01:00
Steve Holme
472d1d8e05 email: Introduced the GSSAPI states 2014-08-14 20:20:13 +01:00
Daniel Stenberg
df13f8e8c2 bits.close: introduce connection close tracking
Make all code use connclose() and connkeep() when changing the "close
state" for a connection. These two macros take a string argument with an
explanation, and debug builds of curl will include that in the debug
output. Helps tracking connection re-use/close issues.
2014-05-22 00:34:10 +02:00
Daniel Stenberg
d5ec44ca4c INFILESIZE: fields in UserDefined must not be changed run-time
set.infilesize in this case was modified in several places, which could
lead to repeated requests using the same handle to get unintendent/wrong
consequences based on what the previous request did!
2014-04-26 18:17:10 +02:00
Daniel Stenberg
710f14edba handler: make 'protocol' always specified as a single bit
This makes the findprotocol() function work as intended so that libcurl
can properly be restricted to not support HTTP while still supporting
HTTPS - since the HTTPS handler previously set both the HTTP and HTTPS
bits in the protocol field.

This fixes --proto and --proto-redir for most SSL protocols.

This is done by adding a few new convenience defines that groups HTTP
and HTTPS, FTP and FTPS etc that should then be used when the code wants
to check for both protocols at once. PROTO_FAMILY_[protocol] style.

Bug: https://github.com/bagder/curl/pull/97
Reported-by: drizzt
2014-04-23 22:36:01 +02:00
Steve Holme
d7ed8da43e imap: Extended FETCH support to include PARTIAL URL specifier 2014-04-18 20:14:09 +01:00
Steve Holme
84c0aabe65 imap: Expanded mailbox SEARCH support to use URL query strings 2014-04-18 16:51:48 +01:00
Steve Holme
ca63d4feba imap: Added support for parsing URL query strings
Added support for parsing query strings from the URL as defined by
RFC-5092.
2014-04-18 16:43:57 +01:00
Steve Holme
f804378d16 imap: Introduced the SEARCH state 2014-04-18 15:32:13 +01:00
Steve Holme
2c6b41e98a imap: Fixed untagged response detection when no data after command
Should a command return untagged responses that contained no data then
the imap_matchresp() function would not detect them as valid responses,
as it wasn't taking the CRLF characters into account at the end of each
line.
2014-04-18 15:01:57 +01:00
Steve Holme
3a92de5636 sasl: Combined DIGEST-MD5 message decoding and generation 2014-04-05 23:09:04 +01:00
Steve Holme
34365e4b03 imap: Fixed line length warning 2013-12-31 12:16:33 +00:00
Steve Holme
60bd22620a mprintf: Replaced internal usage of FORMAT_OFF_T and FORMAT_OFF_TU
Following commit 0aafd77fa4, replaced the internal usage of
FORMAT_OFF_T and FORMAT_OFF_TU with the external versions that we
expect API programmers to use.

This negates the need for separate definitions which were subtly
different under different platforms/compilers.
2013-12-31 11:10:42 +00:00
Steve Holme
7fd490732a imap: Fixed auth preference not being honored when CAPABILITY not supported
If a user indicated they preferred to authenticate using a SASL
mechanism, but SASL authentication wasn't supported by the server, curl
would always fall back to clear text when CAPABILITY wasn't supported,
even though the user didn't want to use this.
2013-12-24 22:50:33 +00:00
Steve Holme
cf2051764c email: Fixed segfault introduced in commit 195b63f99c 2013-12-22 00:16:52 +00:00
Daniel Stenberg
3ce2a3991b code police: fix indent level to silence checksrc complaints 2013-12-22 01:01:19 +01:00
Steve Holme
195b63f99c email: Extended the login options to support multiple auth mechanisms 2013-12-21 23:49:37 +00:00
Daniel Stenberg
11e8066ef9 vtls: renamed sslgen.[ch] to vtls.[ch] 2013-12-20 17:12:42 +01:00
Daniel Stenberg
eccf4fb7ee vtls: created subdir, moved sslgen.[ch] there, updated all include lines 2013-12-20 17:12:42 +01:00
Steve Holme
48043f87b6 imap/pop3/smtp: Added support for SASL authentication downgrades
Added support for downgrading the SASL authentication mechanism when the
decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances
the previously added support for graceful cancellation by allowing the
client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even
APOP / clear text (in the case of POP3 and IMAP) when supported by the
server.
2013-12-18 20:45:17 +00:00
Steve Holme
933e6c9d16 imap: Moved the calculation of SASL login details into a separate function 2013-12-18 12:43:28 +00:00